So I got this text the other day: Text from unknown number(spoofed anyway no need to put from number it is false – also I modified the link so others will not be able to go to it: WALMART is starting an exceptionally huge research project in your area. This project happens each week, so … Read more
Rapid7 has found a spring framework vulnerability called Spring4Shell As usual a new vulnerability requires risk management to be reassessed. https://nvd.nist.gov/vuln/detail/CVE-2022-22965 Leads to https://tanzu.vmware.com/security/cve-2022-22965 Which says the following information which is important. CVE-2022-22965: Spring Framework RCE via Data Binding on JDK 9+ Affected VMware Products and Versions Severity is critical unless otherwise noted. … Read more
What does it mean when a Linux Kernel has a vulnerability? the Linux kernel is the software which runs the system – the main operating system software it is inside all other software – it does connect to applications with shell (usually Bourne image from Linoxide Updated the image to include Android possible issues … Read more
Abilities Identify Security issues based on analysis of vulnerabilities – apply cybersecurity and privacy principles to organizational requirements Knowledge Application vulnerabilities, data backup and recovery, host/network access control mechanisms, system administration, network, and operating system hardening techniques. Skills Detecting host and network intrusions Conduct vulnerability scans and recognize vulnerabilities in security systems. Tasks Keep up … Read more
Affected Software A significant number of Java-based applications are using log4j as their logging utility and are vulnerable to this CVE. To the best of our knowledge, at least the following software may be impacted: Apache Struts Apache Solr Apache Druid Apache Flink ElasticSearch Flume Apache Dubbo Logstash Kafka Spring-Boot-starter-log4j2 So you can see that … Read more
